CVE-2012-4922

The tortimegm function in common/util.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.22-rc, does not properly validate time values, which allows remote attackers to cause a denial of service assertion failure and daemon exit via a malformed directory object, a different vulnerability than...

Mandrake Linux Security Advisory : Zope (MDKSA-2000:043)

The exploit that was not fixed with the previous Zope hotfix involves the getRoles method of user objects contained in the default UserFolder implementation returning a mutable Python type. Because the mutable object is still associated with the persistent User object, users with the ability to...

Mandrake Linux Security Advisory : Zope (MDKSA-2000:083)

There is an issue involving security registration of 'legacy' names for certain object constructors such as the constructors for DTML Method Objects. Security was not being applied correctly for the legacy names, making it possible to call those constructors without the permissions that should ha...

CVE-2012-3527

viewhelp.php in the backend help system in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to unserialize arbitrary objects and possibly execute arbitrary PHP code via an unspecified parameter, related to a "missing signature HMAC."...

Design/Logic Flaw

viewhelp.php in the backend help system in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to unserialize arbitrary objects and possibly execute arbitrary PHP code via an unspecified parameter, related to a "missing signature HMAC."...

CVE-2012-3527

viewhelp.php in the backend help system in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to unserialize arbitrary objects and possibly execute arbitrary PHP code via an unspecified parameter, related to a "missing signature HMAC."...

PT-2012-4786 · Typo3 · Typo3

Name of the Vulnerable Software and Affected Versions: TYPO3 versions 4.5.x through 4.5.18 TYPO3 versions 4.6.x through 4.6.11 TYPO3 versions 4.7.x through 4.7.3 Description: The issue allows remote authenticated backend users to unserialize arbitrary objects and possibly execute arbitrary PHP co...

SAP Business Objects Financial Consolidation ActiveX buffer overflow

CtAppReg.dll buffer overflow...

ZDI-12-138 : SAP Business Objects Financial Consolidation CtAppReg.dll username Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-138 : SAP Business Objects Financial Consolidation CtAppReg.dll username Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-138 August 17, 2012 - -- CVE ID: - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - --...

Microsoft Internet Explorer 远程代码执行漏洞(CVE-2012-2521)

Bugtraq ID:54952 CVE ID:CVE-2012-2521 Microsoft Internet Explorer是一款流行的WEB浏览器。 Microsoft Internet Explorer没有正确处理内存中的对象，当异步访问NULL对象时可触发一个释放后使用错误，攻击者通过引用已删除对象可以应用程序上下文执行任意代码。 0 Microsoft Internet Explorer 9 Microsoft Internet Explorer 8 Microsoft Internet Explorer 7 Microsoft Internet Explorer 6.0...

SAP Business Objects Financial Consolidation CtAppReg.dll username Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Business Objects Financial Consolidation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

Format string

IBM Global Security Kit aka GSKit before 8.0.14.22, as used in IBM Rational Directory Server, IBM Tivoli Directory Server, and other products, uses the PKCS 12 file format for certificate objects without enforcing file integrity, which makes it easier for remote attackers to spoof SSL servers via...

Stable Channel Update

The Stable channel has been updated to 21.0.1180.75 for Mac, Linux, Windows and Chrome Frame This build fixes: Flash videos not longer remaining in fullscreen when clicking a secondary monitor while the video is playing Issue: 140366. Flash video full screen displays on wrong monitor Issue: 13752...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64

the Xen implementation did not prevent applications running in a para-virtualized guest from modifying CR4 TSC. This could cause a local denial of service. CVE-2007-5907, Important - Tavis Ormandy reported missing boundary checks in the Virtual Dynamic Shared Objects vDSO implementation. This...

Scientific Linux Security Update : firefox on SL4.x, SL5.x, SL6.x i386/x86_64

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

ValidationHash generation should use random.SystemRandom instead of random class

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-47146. panel ValidationHash generation should use random.SystemRandom instead of the random.Random class when generating a rando...

ValidationHash generation should use random.SystemRandom instead of random class

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Cloud. Using Confluence Server? See the corresponding bug report|http://jira.atlassian.com/browse/CONFSERVER-47146. panel ValidationHash generation should use random.SystemRandom instead of the random.Random class when generating a rand...

Code injection

TikiWiki CMS/Groupware before 6.7 LTS and before 8.4 allows remote attackers to execute arbitrary PHP code via a crafted serialized object in the 1 cookieName to lib/banners/bannerlib.php; 2 printpages or 3 printstructures parameter to a tiki-printmultipages.php or b tiki-printpages.php; or 4...

PT-2012-2943 · Tiki · Tikiwiki Cms/Groupware

Name of the Vulnerable Software and Affected Versions: TikiWiki CMS/Groupware versions prior to 6.7 LTS and prior to 8.4 Description: The issue allows remote attackers to execute arbitrary PHP code via a crafted serialized object. This can be achieved through several parameters, including...

ms-sql-dac NSE Script

Queries the Microsoft SQL Browser service for the DAC Dedicated Admin Connection port of a given or all SQL Server instance. The DAC port is used to connect to the database instance when normal connection attempts fail, for example, when server is hanging, out of memory or in other bad states. In...